Security Engineer

The company was founded in 2010 with the goal of simplifying B2B content delivery for the modern iGaming landscape. Via a quick one-time integration, they provide access to a roster of 1000+ casino games and a diverse range of proprietary products, including Poker, Bingo and its own rapidly expanding slot portfolio. The high-quality aggregated content is provided through its selected partners.

Now the company is seeking a Security Engineer to join their Information Security team

Tasks:

• Design, implement, and manage security processes and frameworks to protect ICT systems
• Actively participate in security operations by conducting risk assessments, reviewing and remediating vulnerability findings, supporting compliance audits, investigating security events, and managing incidents
• Actively support and develop ISMS: design and implement security policies and procedures across the organization
• Participate in audits, such as ISO 27001, financial PWC audits and other compliance related requirements, support remediation where applicable
• Support ISO27001:2022 maintenance within the business by performing related tasks, such as supplier monitoring, ISMS control monitoring, gap assessments and control review
• Actively participate in Security Operations implementation, improvement and BAU. Tasks include log monitoring, alert development, alert investigation, incident management, incident reporting, security awareness, and continuous improvement
• Collaborate with wider business to integrate security principles into applications, infrastructure, and processes
• Stay current with emerging threats and best practices, applying them to improve the company's security posture

Must-have:

• CISSP or equivalent certification is required; ISO 27001 Lead Implementer is preferred
• Bachelor's degree in information security, Computer Science, or related field
• Proven experience with ISO 27001 audits, including preparation, participation, and implementation of findings, is preferred
• Hands-on experience with EDR, SIEM, IDS/IPS, MDM, DDoS protection and vulnerability management is critical 
• Strong experience in Security Operations, including log monitoring, threat detection, and incident response, is foundational
• Advanced English communication skills, both written and spoken are critical for success in this role 

Nice-to-have:

• Proficiency in scripting and automation (e.g., Jira / Confluence automation, Python, Bash) for security operations is beneficial

Benefits and conditions:

• Trial period: 4 months 
• Hybrid work (3 days a week in the office) 
• Sport and health benefits 
• Team events
• Budget for self-education 

Interview process:

1. Intro call with Toughbyte
2. Call with the Hiring Manager 
3. Call with the CIO 
4. HR call